I've done a little more work on the typemapping to accomodate where the security_context_t ** appears in the parameter list. However I'm still experiencing the : Traceback (most recent call last): File "./test.py", line 27, in ? for security_context in security_context_list: TypeError: expected string or Unicode object, NoneType found error. One of the experiments I tried involved using these mapping: %typemap(in, numinputs=0) security_context_t **(security_context_t *temp=NULL) { $1 = &temp; } %typemap(argout) (const char *user, security_context_t fromcon, security_context_t **list) { $result = SWIG_Python_AppendOutput($result, $3); } basically not processing the returned security_context_t** and the test1.py script which doesn't try and process the security_context_t ** returned since it hasn't been converted into a list. What's interesting is that any python list is messed up after the call to get_ordered_context_list :( Ted On 5/15/07, Daniel J Walsh wrote: > Xavier Toth wrote: > > [jcdxdev@comms newrolegui]$ ./test.py > > list length 26 > > return code 26 > > user_u:user_r:user_xserver_t:UNCLASSIFIED > > user_u:user_r:user_crontab_t:UNCLASSIFIED > > user_u:user_r:user_iceauth_t:UNCLASSIFIED > > user_u:user_r:loadkeys_t:UNCLASSIFIED > > user_u:user_r:pam_t:UNCLASSIFIED > > user_u:user_r:ping_t:UNCLASSIFIED > > user_u:user_r:user_lpr_t:UNCLASSIFIED > > user_u:user_r:user_ssh_t:UNCLASSIFIED > > user_u:user_r:user_dbusd_t:UNCLASSIFIED > > user_u:user_r:user_xauth_t:UNCLASSIFIED > > user_u:user_r:utempter_t:UNCLASSIFIED > > user_u:user_r:user_spamassassin_t:UNCLASSIFIED > > user_u:user_r:user_sudo_t:UNCLASSIFIED > > user_u:user_r:newrole_t:UNCLASSIFIED > > user_u:user_r:traceroute_t:UNCLASSIFIED > > user_u:user_r:user_su_t:UNCLASSIFIED > > user_u:user_r:passwd_t:UNCLASSIFIED > > user_u:user_r:chfn_t:UNCLASSIFIED > > user_u:user_r:user_t:UNCLASSIFIED > > user_u:user_r:user_gpg_t:UNCLASSIFIED > > user_u:user_r:user_spamc_t:UNCLASSIFIED > > user_u:user_r:user_mail_t:UNCLASSIFIED > > user_u:user_r:user_ssh_agent_t:UNCLASSIFIED > > user_u:user_r:user_gpg_agent_t:UNCLASSIFIED > > user_u:user_r:user_javaplugin_t:UNCLASSIFIED > > user_u:user_r:user_chkpwd_t:UNCLASSIFIED > > Traceback (most recent call last): > > File "./test.py", line 27, in ? > > for security_context in security_context_list: > > TypeError: expected string or Unicode object, NoneType found > > > > > > On 5/15/07, Daniel J Walsh wrote: > >> Xavier Toth wrote: > >> > As I said I'm getting a typeerror after calling > >> > get_ordered_context_list which I don't understand. The call seems to > >> > work fine and it appears that the list is constructed and populated > >> > correctly but the for loop iterating over the list fails after the > >> > last member is processed with something like 'expected string or > >> > unicode got NoneType'. Any ideas? > >> > > >> > On 5/14/07, Daniel J Walsh wrote: > >> >> Xavier Toth wrote: > >> >> > I cleaned the typemap up a bit but am still getting a typeerror. > >> >> > > >> >> > %typemap(argout) security_context_t ** { > >> >> > PyObject *list_security_context = PyList_New(0); // Create the > >> >> list. > >> >> > if (list_security_context) { > >> >> > security_context_t **p_p_security_context_t = arg3; > >> >> > while (*p_p_security_context_t) { // Move each string > >> into the > >> >> > list. > >> >> > security_context_t *p_security_context_t = > >> >> > *p_p_security_context_t; > >> >> > if (PyList_Append(list_security_context, > >> >> > PyString_FromString((char > >> >> > *)*p_security_context_t)) < 0) { > >> >> > fprintf(stderr, "Fail to insert item in list.\n"); > >> >> > $result = -1; > >> >> > break; > >> >> > } > >> >> > p_p_security_context_t++; > >> >> > } > >> >> > } > >> >> > else { > >> >> > fprintf(stderr, "Fail to create list.\n"); > >> >> > $result = -1; > >> >> > } > >> >> > > >> >> > $result = SWIG_Python_AppendOutput($result, > >> >> list_security_context); > >> >> > > >> >> > } > >> >> > > >> >> > > >> >> > On 5/10/07, Xavier Toth wrote: > >> >> >> I don't know if this is the right approach but here's what I tried > >> >> >> adding to selinuxswig.i > >> >> >> > >> >> >> %typemap(argout) security_context_t ** { > >> >> >> int len = 0, i = 0; > >> >> >> PyObject * list_security_context = NULL; > >> >> >> security_context_t **p_p_security_context_t = arg3; > >> >> >> for (len = 0; *p_p_security_context_t != NULL; > >> >> >> p_p_security_context_t++, len++) ; > >> >> >> // Build a list of the returned strings. > >> >> >> list_security_context = PyList_New(len); // Create the > >> list > >> >> >> of strings. > >> >> >> if (list_security_context != NULL) { > >> >> >> p_p_security_context_t = arg3; > >> >> >> for (i = 0; i < len; i++, > >> p_p_security_context_t++) { > >> >> >> // Move each > >> >> >> string into the list. > >> >> >> security_context_t *p_security_context_t = > >> >> >> *p_p_security_context_t; > >> >> >> if > >> >> >> (PyList_SetItem(list_security_context,i,PyString_FromString((char > >> >> >> *)*p_security_context_t)) == -1) { > >> >> >> fprintf(stderr, "Fail to insert > >> item > >> >> >> in list.\n"); > >> >> >> return NULL; > >> >> >> } > >> >> >> } > >> >> >> } > >> >> >> else { > >> >> >> fprintf(stderr, "Fail to create list.\n"); > >> >> >> return NULL; > >> >> >> } > >> >> >> > >> >> >> $result = SWIG_Python_AppendOutput($result, > >> >> >> list_security_context); > >> >> >> } > >> >> >> > >> >> >> test script > >> >> >> > >> >> >> #!/usr/bin/env python > >> >> >> > >> >> >> import getpass > >> >> >> import seobject > >> >> >> import selinux > >> >> >> > >> >> >> seluser_records = seobject.seluserRecords() > >> >> >> seluser_dict = seluser_records.get_all() > >> >> >> keys = seluser_dict.keys() > >> >> >> keys.sort() > >> >> >> for key in keys: > >> >> >> print "%s %s" % (seluser_dict[key] [0], seluser_dict[key] [3]) > >> >> >> > >> >> >> #seluser_records.list() > >> >> >> > >> >> >> user_name = getpass.getuser() > >> >> >> print user_name > >> >> >> id, seuser_name, level = selinux.getseuserbyname(user_name) > >> >> >> print seuser_name > >> >> >> (rc, security_context_list) = > >> >> >> selinux.get_ordered_context_list(seuser_name, None) > >> >> >> for security_context in security_context_list: > >> >> >> print security_context > >> >> >> > >> >> >> output from test script > >> >> >> > >> >> >> sysadm sysadm_r staff_r secadm_r auditadm_r > >> >> >> staff sysadm_r staff_r secadm_r auditadm_r > >> >> >> sysadm sysadm_r > >> >> >> user system_r > >> >> >> user user_r > >> >> >> root > >> >> >> root > >> >> >> root:staff_r:staff_xserver_t:SystemLow-SystemHigh > >> >> >> Traceback (most recent call last): > >> >> >> File "./test.py", line 21, in ? > >> >> >> for security_context in security_context_list: > >> >> >> TypeError: expected string or Unicode object, NoneType found > >> >> >> > >> >> >> Is there something I need to do to terminate the list? Also this > >> >> >> should probably generate an exception for the error conditions. > >> >> >> > >> >> >> Ted > >> >> >> > >> >> >> > >> >> >> On 5/10/07, Xavier Toth wrote: > >> >> >> > I'm pretty new to swig and python but what about a typemap for > >> >> >> > security_context_t **. Also in the swig docs I noticed : > >> >> >> > // This cleans up the char ** array we malloc'd before the > >> function > >> >> >> call > >> >> >> > %typemap(freearg) char ** { > >> >> >> > free((char *) $1); > >> >> >> > } > >> >> >> > which seems to go along with %typemap(in) char ** would you not > >> >> want > >> >> >> > to add this to selinuxswig.i? > >> >> >> > > >> >> >> > On 5/4/07, Daniel J Walsh wrote: > >> >> >> > > Added get_context_list.h > >> >> >> > > > >> >> >> > > --- nsalibselinux/src/selinuxswig.i 2007-04-12 > >> >> >> 16:02:48.000000000 -0400 > >> >> >> > > +++ libselinux-2.0.13/src/selinuxswig.i 2007-04-23 > >> >> >> 10:26:21.000000000 -0400 > >> >> >> > > @@ -21,6 +21,7 @@ > >> >> >> > > %module selinux > >> >> >> > > %{ > >> >> >> > > #include "selinux/selinux.h" > >> >> >> > > + #include "selinux/get_context_list.h" > >> >> >> > > %} > >> >> >> > > %apply int *OUTPUT { int * }; > >> >> >> > > %apply int *OUTPUT { size_t * }; > >> >> >> > > @@ -42,8 +43,12 @@ > >> >> >> > > > >> >> >> > > %typedef unsigned mode_t; > >> >> >> > > > >> >> >> > > +%include "../include/selinux/get_context_list.h" > >> >> >> > > + > >> >> >> > > extern int is_selinux_enabled(void); > >> >> >> > > extern int is_selinux_mls_enabled(void); > >> >> >> > > +extern void freecon(security_context_t con); > >> >> >> > > +extern void freeconary(security_context_t * con); > >> >> >> > > extern int getcon(security_context_t *con); > >> >> >> > > extern int setcon(security_context_t con); > >> >> >> > > extern int getpidcon(int pid, security_context_t *con); > >> >> >> > > @@ -90,6 +95,11 @@ > >> >> >> > > mode_t mode, > >> >> >> > > security_context_t *con); > >> >> >> > > > >> >> >> > > +extern int matchpathcon_init_prefix(const char *path, > >> >> >> > > + const char *prefix); > >> >> >> > > +extern void matchpathcon_fini(void); > >> >> >> > > + > >> >> >> > > + > >> >> >> > > extern int matchmediacon(const char *media, > >> >> >> > > security_context_t *con); > >> >> >> > > > >> >> >> > > @@ -106,6 +116,7 @@ > >> >> >> > > extern const char *selinux_homedir_context_path(void); > >> >> >> > > extern const char *selinux_media_context_path(void); > >> >> >> > > extern const char *selinux_contexts_path(void); > >> >> >> > > +extern const char *selinux_securetty_types_path(void); > >> >> >> > > extern const char *selinux_booleans_path(void); > >> >> >> > > extern const char *selinux_customizable_types_path(void); > >> >> >> > > extern const char *selinux_users_path(void); > >> >> >> > > @@ -113,11 +124,15 @@ > >> >> >> > > extern const char *selinux_translations_path(void); > >> >> >> > > extern const char *selinux_netfilter_context_path(void); > >> >> >> > > extern const char *selinux_path(void); > >> >> >> > > -extern int selinux_check_passwd_access(access_vector_t > >> >> requested); > >> >> >> > > -extern int checkPasswdAccess(access_vector_t requested); > >> >> >> > > +#extern int selinux_check_passwd_access(access_vector_t > >> >> requested); > >> >> >> > > +#extern int checkPasswdAccess(access_vector_t requested); > >> >> >> > > > >> >> >> > > +extern int selinux_check_securetty_context(security_context_t > >> >> >> tty_context); > >> >> >> > > +void set_selinuxmnt(char *mnt); > >> >> >> > > + > >> >> >> > > +#ifdef SWIGpython > >> >> >> > > // This tells SWIG to treat char ** as a special case > >> >> >> > > -%typemap(python,in) char ** { > >> >> >> > > +%typemap(in) char ** { > >> >> >> > > /* Check if is a list */ > >> >> >> > > if (PyList_Check($input)) { > >> >> >> > > int size = PyList_Size($input); > >> >> >> > > @@ -143,6 +158,7 @@ > >> >> >> > > return NULL; > >> >> >> > > } > >> >> >> > > } > >> >> >> > > +#endif > >> >> >> > > > >> >> >> > > extern int rpm_execcon(unsigned int verified, > >> >> >> > > const char *filename, > >> >> >> > > @@ -164,3 +180,7 @@ > >> >> >> > > } > >> >> >> > > extern int selinux_getpolicytype(char **enforce); > >> >> >> > > extern int getseuserbyname(const char *linuxuser, char > >> **seuser, > >> >> >> char **level); > >> >> >> > > + > >> >> >> > > +int selinux_file_context_cmp(const security_context_t a, > >> const > >> >> >> security_context_t b); > >> >> >> > > +int selinux_file_context_verify(const char *path, mode_t > >> mode); > >> >> >> > > +int selinux_lsetfilecon_default(const char *path); > >> >> >> > > > >> >> >> > > > >> >> >> > > >> >> >> > >> >> I am no expert on swig either. I usually muddle around until I > >> get it > >> >> to work. > >> >> > >> >> Does this patch work for you? > >> >> > >> >> > >> >> > >> >> --- selinuxswig.i~ 2007-05-04 09:25:35.000000000 -0400 > >> >> +++ selinuxswig.i 2007-05-14 11:11:47.000000000 -0400 > >> >> @@ -17,6 +17,11 @@ > >> >> * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA > >> >> 02110-1301 USA > >> >> */ > >> >> > >> >> +%header %{ > >> >> + #define STATUS_SUCCESS 0 > >> >> + #define STATUS_ERR -1 > >> >> +%} > >> >> + > >> >> > >> >> %module selinux > >> >> %{ > >> >> @@ -29,6 +34,7 @@ > >> >> %typemap(in, numinputs=0) security_context_t *(security_context_t > >> >> temp=NULL) { > >> >> $1 = &temp; > >> >> } > >> >> + > >> >> %typemap(argout) security_context_t * (char *temp=NULL) { > >> >> if (*$1) > >> >> temp = *$1; > >> >> @@ -43,6 +49,32 @@ > >> >> > >> >> %typedef unsigned mode_t; > >> >> > >> >> +%typemap(in, numinputs=0) security_context_t ** (security_context_t > >> >> *temp=NULL){ > >> >> + $1 = &temp; > >> >> +} > >> >> + > >> >> +%typemap(argout) security_context_t ** { > >> >> + PyObject *list_security_context = PyList_New(0); // Create the > >> >> list. > >> >> + if (list_security_context) { > >> >> + security_context_t **p_p_security_context_t = > >> >> (security_context_t **)(arg3); > >> >> + while (*p_p_security_context_t) { // Move each string into > >> >> the list. > >> >> + security_context_t *p_security_context_t = > >> >> *p_p_security_context_t; > >> >> + if (PyList_Append(list_security_context, > >> >> PyString_FromString((char > >> >> +*)*p_security_context_t)) < 0) { > >> >> + fprintf(stderr, "Fail to insert item in list.\n"); > >> >> + $result = SWIG_From_int(STATUS_ERR); > >> >> + break; > >> >> + } > >> >> + p_p_security_context_t++; > >> >> + } > >> >> + $result = SWIG_Python_AppendOutput($result, > >> >> list_security_context); > >> >> + } > >> >> + else { > >> >> + fprintf(stderr, "Fail to create list.\n"); > >> >> + $result = SWIG_From_int(STATUS_ERR); > >> >> + } > >> >> +} > >> >> + > >> >> %include "../include/selinux/get_context_list.h" > >> >> > >> >> extern int is_selinux_enabled(void); > >> >> > >> >> > >> I have not been able to get my version to bring back more then one item > >> in the list. > >> > >> Could you print the list for me? > >> > Ok I have been able to duplicate your error on an MLS machine. I will > look into it some more tomorrow. Must be something wrong with the binding. >